-
Notifications
You must be signed in to change notification settings - Fork 597
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stronger owner controls #48
Comments
How about just having a 2-level split of "owner" vs "maintainer". Owners can modify the owner list, whereas maintainers can just publish/yank versions. |
Hey folks, this is definitely still something we'd like to see addressed. We discussed this issue during the issue triage meeting today, and we think this will need to go through an RFC for any significant changes to be accepted here. Right now we're cleaning out some of the older issues that haven't seen recent activity. Since this is one of those issues, I'm going to close this. I would like to re-iterate that we do want to see improvements here, and anyone interested in working on this should definitely raise it at a team meeting, and we'd be happy to help someone draft an RFC if interested. |
Co-authored-by: Renovate Bot <[email protected]>
Currently any owner can add and (more dangerously) remove any other one, which is open for abuse; e.g. add someone as an owner, have a falling out, and they can remove the main maintainer and squat the package name for themselves.
Possible improvements off the top of my head:
The text was updated successfully, but these errors were encountered: